diff --git a/container_linux.go b/container_linux.go index 54d40617..3c077afb 100644 --- a/container_linux.go +++ b/container_linux.go @@ -140,7 +140,9 @@ func (c *linuxContainer) commandTemplate(p *Process, childPipe *os.File) (*exec. cmd.SysProcAttr = &syscall.SysProcAttr{} } cmd.ExtraFiles = []*os.File{childPipe} - cmd.SysProcAttr.Pdeathsig = syscall.SIGKILL + // NOTE: when running a container with no PID namespace and the parent process spawning the container is + // PID1 the pdeathsig is being delivered to the container's init process by the kernel for some reason + // even with the parent still running. if c.config.ParentDeathSignal > 0 { cmd.SysProcAttr.Pdeathsig = syscall.Signal(c.config.ParentDeathSignal) } diff --git a/init_linux.go b/init_linux.go index 0468b2e9..1786b1ed 100644 --- a/init_linux.go +++ b/init_linux.go @@ -69,7 +69,8 @@ func newContainerInit(t initType, pipe *os.File) (initer, error) { }, nil case initStandard: return &linuxStandardInit{ - config: config, + parentPid: syscall.Getppid(), + config: config, }, nil } return nil, fmt.Errorf("unknown init type %q", t) diff --git a/standard_init_linux.go b/standard_init_linux.go index 29619d3c..282832b5 100644 --- a/standard_init_linux.go +++ b/standard_init_linux.go @@ -13,7 +13,8 @@ import ( ) type linuxStandardInit struct { - config *initConfig + parentPid int + config *initConfig } func (l *linuxStandardInit) Init() error { @@ -85,9 +86,10 @@ func (l *linuxStandardInit) Init() error { if err := pdeath.Restore(); err != nil { return err } - // Signal self if parent is already dead. Does nothing if running in a new - // PID namespace, as Getppid will always return 0. - if syscall.Getppid() == 1 { + // compare the parent from the inital start of the init process and make sure that it did not change. + // if the parent changes that means it died and we were reparened to something else so we should + // just kill ourself and not cause problems for someone else. + if syscall.Getppid() != l.parentPid { return syscall.Kill(syscall.Getpid(), syscall.SIGKILL) } return system.Execv(l.config.Args[0], l.config.Args[0:], os.Environ())